"Anonymity and Privacy" will be taught as a seminar class. Students will be expected to read and present a wide variety of papers; these will include technical papers, statutes, court opinions, and the like. Prerequisites include reasonable familiarity with networking and cryptography. Grading will be based on class presentations of these papers — the exact number will depend on the total enrollment — class discussion, and on two papers, one in lieu of the midterm and one in lieu of the final. There will be no exams.
Topics will include:
- Legal framework (US and European)
- Data mining and databases
- Anonymous commerce (digital cash)
- Anonymous use of the Internet (onion routing, anonymous browsing, P3P)
- Traffic analysis
- Biometrics and authentication
- Policy and national security considerations
The reading list is subject to change in response to current events.
Background Reading on Cryptographic ProtocolsThose who have no background in cryptographic protocols should read
- Chapters 2-4 of Applied Cryptography, Bruce Schneier, Wiley 1996, available in the SEAS library.
- "Using encryption for authentication in large networks of computers", R. Needham and M. Schroeder, Communications of the ACM 21:12 (Dec 1978). This is the first cryptographic protocol published in the open literature (available via the CU library network).
- "Timestamps in key distribution protocols", D. Denning and G. Sacco, Communications of the ACM 24:8 (Aug 1981). A bug and a fix in the Needham-Schroeder protocol. Note: the fix is buggy, too; see if you can find the problem. There's also another bug in Needham-Schroeder that wasn't found until 1995. (available via the CU library network).